2f932110e612f5cd40a7bc0b59b69d1828fc52f6c288426f624361150184bf47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea2252e63c90abd2ecb173179100bc52_JaffaCakes118
Size

648KB
Sample

240918-2yyfkaxgrl
MD5

ea2252e63c90abd2ecb173179100bc52
SHA1

bfdac4d97d33084e2d387ea5f926ce3f3bcdf415
SHA256

2f932110e612f5cd40a7bc0b59b69d1828fc52f6c288426f624361150184bf47
SHA512

1619ad5c5b5f9bf43eb5c1ac9a02cec3d449cbcf5e23920377c6d45c574a93592f0821c71707368f117ef71c9f1fdcf24e0d183966b28fd84ac3bdbca676224b
SSDEEP

12288:NCM+jrH71cVg3Jilr946ZXF3Z4mxx54IxSo62jDrkAI:EM+jzaC3JrKXQmXZsohk

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea2252e63c90abd2ecb173179100bc52_JaffaCakes118
- Size
  
  648KB
- MD5
  
  ea2252e63c90abd2ecb173179100bc52
- SHA1
  
  bfdac4d97d33084e2d387ea5f926ce3f3bcdf415
- SHA256
  
  2f932110e612f5cd40a7bc0b59b69d1828fc52f6c288426f624361150184bf47
- SHA512
  
  1619ad5c5b5f9bf43eb5c1ac9a02cec3d449cbcf5e23920377c6d45c574a93592f0821c71707368f117ef71c9f1fdcf24e0d183966b28fd84ac3bdbca676224b
- SSDEEP
  
  12288:NCM+jrH71cVg3Jilr946ZXF3Z4mxx54IxSo62jDrkAI:EM+jzaC3JrKXQmXZsohk
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence